Commit Graph

1794 Commits

Author SHA1 Message Date
Jacob Barthelmeh ae00b5acd0 some minor changes for unintialized and null infer reports 2021-07-06 14:13:45 +07:00
David Garske 43f8c5ba1b Merge pull request #4121 from JacobBarthelmeh/PKCS7
wc_PKCS7_DecodeCompressedData optionally handle a packet without cont…
2021-07-01 17:03:56 -07:00
JacobBarthelmeh 45486ac904 Merge pull request #4166 from miyazakh/supportedversion_ex_mindowngrade
not include smaller versions than minimum downgrade
2021-07-01 21:00:20 +07:00
Chris Conlon 9179071af5 Merge pull request #4153 from JacobBarthelmeh/Testing
fix for keyid with ktri cms
2021-06-29 11:40:00 -06:00
David Garske 74b9b5a8cd Merge pull request #4156 from SparkiDev/regression_fixes_1
Regression test fixes
2021-06-25 07:48:02 -07:00
Jacob Barthelmeh 5038a27cda add test cases and set content oid with decode encrypted data 2021-06-25 21:16:01 +07:00
Hideki Miyazaki 5bb52915b9 update test conf to fix jenkins failures 2021-06-25 16:31:49 +09:00
Hideki Miyazaki d576e3ef96 not send smaller versions than minimum downgradable version as supportedversion ext 2021-06-25 14:51:34 +09:00
Sean Parkinson dab6724059 Regression fixes: more configurations
./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519
&& make
./configure --disable-aescbc --disable-chacha --disable-poly1305
--disable-coding && make
2021-06-25 15:23:51 +10:00
Sean Parkinson 1994811d24 Merge pull request #4144 from haydenroche5/pkcs8
Make a bunch of PKCS#8 improvements.
2021-06-25 12:22:11 +10:00
Sean Parkinson 8592053856 Regression test fixes
./configure --enable-all --disable-rsa
./configure --disable-chacha --disable-asm
./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519
--enable-cryptonly (and ed25519, curve448, ed448)
./configure --disable-tls13 --enable-psk --disable-rsa --disable-ecc
--disable-dh C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
./configure --disable-oldtls --enable-psk -disable-rsa --disable-dh
-disable-ecc --disable-asn C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
--enable-lowresource --enable-singlethreaded --disable-asm
--disable-errorstrings --disable-pkcs12 --disable-sha3 --disable-sha224
--disable-sha384 --disable-sha512 --disable-sha --disable-md5
-disable-aescbc --disable-chacha --disable-poly1305 --disable-coding
Various build combinations with WOLFSSL_SP_MATH and WOLFSSL_SP_MATH_ALL
2021-06-25 09:18:06 +10:00
Juliusz Sosinowicz 656e49cc3b Expand SHA-3 support
Add more support in the EVP layer as well as add signing support. The SHA-3 OID's were also added for DER algorithm identifier encoding.
2021-06-24 19:31:43 +02:00
Hayden Roche b3401bd102 Make a bunch of PKCS#8 improvements.
- Add doxygen documentation for wc_GetPkcs8TraditionalOffset, wc_CreatePKCS8Key,
wc_EncryptPKCS8Key, and wc_DecryptPKCS8Key.
- Add a new API function, wc_CreateEncryptedPKCS8Key, which handles both
creation of an unencrypted PKCS#8 key and the subsequent encrypting of said key.
This is a wrapper around TraditionalEnc, which does the same thing. This may
become a first-class function at some point (i.e. not a wrapper). TraditionalEnc
is left as is since it is used in the wild.
- Added a unit test which exercises wc_CreateEncryptedPKCS8Key and
wc_DecryptPKCS8Key. Testing wc_CreateEncryptedPKCS8Key inherently also tests
TraditionalEnc, wc_CreatePKCS8Key, and wc_EncryptPKCS8Key.
- Modified wc_EncryptPKCS8Key to be able to return the required output buffer
size via LENGTH_ONLY_E idiom.
- Added parameter checking to wc_EncryptPKCS8Key and wc_DecryptPKCS8Key.
2021-06-23 08:39:20 -07:00
Sean Parkinson 2923d812bd Merge pull request #4058 from miyazakh/qt_oslext_cs
TLS: extend set_cipher_list() compatibility layer API
2021-06-23 10:12:11 +10:00
Chris Conlon 4b3bd3e384 Merge pull request #4049 from miyazakh/set_verifyDepth_3
Set verify depth limit
2021-06-22 10:23:43 -06:00
Chris Conlon 446393bcab Merge pull request #3793 from TakayukiMatsuo/os_base64
Add wolfSSL_EVP_Encode/Decode APIs
2021-06-22 10:19:30 -06:00
Chris Conlon b050463dce Merge pull request #4059 from miyazakh/qt_unit_test
fix qt unit test
2021-06-22 10:12:48 -06:00
Jacob Barthelmeh 647bde671c macro guard on test case 2021-06-22 22:56:35 +07:00
Jacob Barthelmeh 3cd43cf692 fix for keyid with ktri cms 2021-06-22 21:33:12 +07:00
David Garske c4ea64b7fc Merge pull request #4140 from SparkiDev/set_sig_algs 2021-06-21 19:18:10 -07:00
Sean Parkinson 7224fcd9bc TLS: add support for user setting signature algorithms 2021-06-18 16:19:01 +10:00
Hideki Miyazaki 1ebb4a47f6 addressed jenkins failure 2021-06-18 11:22:20 +09:00
Hideki Miyazaki 4feedb72cc simulate set_ciphersuites comp. API 2021-06-18 11:22:19 +09:00
Hideki Miyazaki ddf2a0227f additional fix for set verify depth to be compliant with openssl limit 2021-06-18 11:00:51 +09:00
Hideki Miyazaki 951de64e2c set PSK at the beginning 2021-06-18 07:59:35 +09:00
Eric Blankenhorn 1307972344 Update use of joi cert and add to renew script. 2021-06-16 13:55:36 -05:00
TakayukiMatsuo 9e02655ac4 Merge remote-tracking branch 'upstream/master' into os_base64 2021-06-16 23:19:52 +09:00
Sean Parkinson b73673a218 Merge pull request #3794 from TakayukiMatsuo/os_keyprint
Add wolfSSL_EVP_PKEY_print_public
2021-06-16 08:43:41 +10:00
TakayukiMatsuo c6680d08ba Fix coding issues 2021-06-15 11:16:38 +09:00
Sean Parkinson 12c358bc30 Merge pull request #3979 from dgarske/tls13_async
Asynchronous support for TLS v1.3 TLSX ECC/DH key generation and key agreement
2021-06-15 10:02:19 +10:00
David Garske 77df7d8630 Merge pull request #3968 from elms/pedantic_cleanup
Fixes for some `-pedantic` errors
2021-06-14 13:46:39 -07:00
David Garske fd6b30ef32 Merge pull request #4111 from elms/silabs/fix_ecc_shared_secret_outlen
silabs: fix `wc_ecc_shared_secret` to only return x coordinate
2021-06-14 13:44:00 -07:00
Chris Conlon a8d185cb9e Merge pull request #4117 from TakayukiMatsuo/tk12403
Add null-parameters-test cases for SHA(), SHA224(), MD5() and MD5_xxx().
2021-06-14 13:52:01 -06:00
Elms ed4cf6e91c silabs: fix wc_ecc_shared_secret to only return x coordinate
secure element computes and returns the full coordinate. The wolfSSL
API should only return the x component.
2021-06-13 21:46:23 -07:00
TakayukiMatsuo ebec2fbd25 Fixed uninitialized parameter for Base16_Encode 2021-06-14 13:45:12 +09:00
Hideki Miyazaki 6d3b9aec80 fix api compile failure 2021-06-12 09:24:11 +09:00
David Garske 2e4e65f518 Asynchronous support for TLS v1.3 TLSX ECC/DH key generation and key agreement
* Added async support to `SendTls13ClientHello`, `DoTls13ServerHello` and `DoTls13ClientHello`.
* Cleanup of the example client/server use key share code.
* Fix some scan-build warnings.
ZD 12065
2021-06-11 14:12:12 -07:00
TakayukiMatsuo ed5cb0a1bd Modified along the revire comments 2021-06-11 21:08:27 +09:00
TakayukiMatsuo 779e3701e6 Merge branch 'master' of github.com:wolfSSL/wolfssl into os_keyprint 2021-06-11 13:56:52 +09:00
Sean Parkinson 36a9cd3010 Merge pull request #3911 from TakayukiMatsuo/tk11851
Fix SSL_read behaving differently from openSSL after bidirectional shutdown
2021-06-11 10:25:39 +10:00
David Garske 624e150c7b Merge pull request #3827 from SparkiDev/tls13_psk_hash
TLS 1.3 PSK: use the hash algorithm to choose cipher suite
2021-06-10 06:59:40 -07:00
Sean Parkinson 3ecb8d5a3e Merge pull request #4062 from dgarske/dh_key
DH Key and Params Export cleanups and Apache httpd fixes
2021-06-10 20:54:32 +10:00
TakayukiMatsuo 4d3f2f92fd Add test cases for SHA(), SHA224(), MD5() and MD5_xxx() to test with null parameters. 2021-06-10 16:40:51 +09:00
Sean Parkinson 7e0c372e4c TLS 1.3 PSK: use the hash algorithm to choose cipher suite
See RFC 8446: 4.2.11
With TLS 1.3 PSK callback, If the returned cipher suite isn't available,
use the hash from the cipher suite and choose from available list.
Require exact match when: WOLFSSL_TLS13_PSK_NO_MATCH_HASH

Alternative callback for client added that is passed a cipher suite
string. Called for each cipher suite that is to be negotiated.
If cipher suite to be used with PSK then return client identity.
Returning an identity based on cipher suite hash will result in
only one PSK extension being added per hash.
2021-06-10 09:55:27 +10:00
David Garske c6c7dfd5db Merge pull request #4053 from SparkiDev/cppcheck_fixes_6
cppcheck: fixes from reviewing report
2021-06-09 12:51:30 -07:00
David Garske a6edff7bd5 Merge pull request #4017 from SparkiDev/not_ecc_pk_cb
ECC: Disable ECC but have Curve25519/448 and PK callbacks fix
2021-06-09 12:38:37 -07:00
Sean Parkinson 9580574382 Merge pull request #3999 from dgarske/user_io
Fixes for building with `WOLFSSL_USER_IO`
2021-06-09 08:55:36 +10:00
Sean Parkinson 70d2c838bb Merge pull request #4080 from kaleb-himes/SHAKE_DEFAULT_FIX
Sync SHAKE256 default (disabled) with parent default edDSA448 (disabled) and remove WOLFSSL_NO_SHAKE256 flag
2021-06-09 08:52:05 +10:00
David Garske 6db0b42c7f * Refactor of DH key and param exports code (moved into asn.c) enabled with WOLFSSL_DH_EXTRA.
* Cleanup `WOLFSSL_DH_EXTRA` macro logic and do not allow with FIPS v1 or v2.
* Fixes for httpd (if `SSL_CONF_FLAG_FILE` is defined it is used to indicate support for `SSL_CONF_CTX_set_flags` and `SSL_CONF_cmd_value_type`).
* Add Curve448 and ED448 key type to `enum wc_PkType`.
* Expand `dh_ffdhe_test` to include 4096 bit.
2021-06-08 09:27:26 -07:00
TakayukiMatsuo 0186d19aba Fix some coding style issues. 2021-06-08 16:25:28 +09:00